mirror of
https://github.com/acidanthera/audk.git
synced 2025-07-22 21:24:35 +02:00
SysCall: Made SMEP, SMAP, PAN optional features.
This commit is contained in:
parent
940a7e2074
commit
5b59ec5e07
@ -173,9 +173,6 @@ InitializeMsr (
|
|||||||
// Enable Privileged Access Never feature.
|
// Enable Privileged Access Never feature.
|
||||||
//
|
//
|
||||||
ArmSetPan ();
|
ArmSetPan ();
|
||||||
} else {
|
|
||||||
DEBUG ((DEBUG_ERROR, "Core: Failed to initialize MSRs for Ring3.\n"));
|
|
||||||
ASSERT (FALSE);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
InitializeSysCallHandler ((VOID *)SysCallBootService);
|
InitializeSysCallHandler ((VOID *)SysCallBootService);
|
||||||
@ -187,7 +184,9 @@ DisableSMAP (
|
|||||||
VOID
|
VOID
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
ArmClearPan ();
|
if (ArmHasPan ()) {
|
||||||
|
ArmClearPan ();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
VOID
|
VOID
|
||||||
@ -196,7 +195,9 @@ EnableSMAP (
|
|||||||
VOID
|
VOID
|
||||||
)
|
)
|
||||||
{
|
{
|
||||||
ArmSetPan ();
|
if (ArmHasPan ()) {
|
||||||
|
ArmSetPan ();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
EFI_STATUS
|
EFI_STATUS
|
||||||
|
@ -105,12 +105,6 @@ InitializeMsr (
|
|||||||
// Enable Privileged Access Never feature.
|
// Enable Privileged Access Never feature.
|
||||||
//
|
//
|
||||||
ArmSetPan ();
|
ArmSetPan ();
|
||||||
} else {
|
|
||||||
//
|
|
||||||
// TODO: Refactoring.
|
|
||||||
//
|
|
||||||
DEBUG ((DEBUG_ERROR, "Core: Failed to initialize MSRs for Ring3.\n"));
|
|
||||||
// ASSERT (FALSE);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
InitializeSysCallHandler (SysCallBootService);
|
InitializeSysCallHandler (SysCallBootService);
|
||||||
|
@ -27,14 +27,9 @@ InitializeMsr (
|
|||||||
|
|
||||||
//
|
//
|
||||||
// Forbid supervisor-mode accesses to any user-mode pages.
|
// Forbid supervisor-mode accesses to any user-mode pages.
|
||||||
// SMEP and SMAP must be supported.
|
|
||||||
//
|
//
|
||||||
AsmCpuidEx (0x07, 0x0, NULL, &Ebx, NULL, NULL);
|
AsmCpuidEx (0x07, 0x0, NULL, &Ebx, NULL, NULL);
|
||||||
//
|
if (((Ebx & BIT20) != 0) && ((Ebx & BIT7) != 0)) {
|
||||||
// SYSENTER and SYSEXIT must be also supported.
|
|
||||||
//
|
|
||||||
AsmCpuidEx (0x01, 0x0, NULL, NULL, NULL, &Edx);
|
|
||||||
if (((Ebx & BIT20) != 0) && ((Ebx & BIT7) != 0) && ((Edx & BIT11) != 0)) {
|
|
||||||
Cr4.UintN = AsmReadCr4 ();
|
Cr4.UintN = AsmReadCr4 ();
|
||||||
Cr4.Bits.SMAP = 1;
|
Cr4.Bits.SMAP = 1;
|
||||||
Cr4.Bits.SMEP = 1;
|
Cr4.Bits.SMEP = 1;
|
||||||
@ -43,9 +38,15 @@ InitializeMsr (
|
|||||||
Eflags.UintN = AsmReadEflags ();
|
Eflags.UintN = AsmReadEflags ();
|
||||||
Eflags.Bits.AC = 0;
|
Eflags.Bits.AC = 0;
|
||||||
AsmWriteEflags (Eflags.UintN);
|
AsmWriteEflags (Eflags.UintN);
|
||||||
} else {
|
}
|
||||||
DEBUG ((DEBUG_ERROR, "Core: Failed to initialize MSRs for Ring3.\n"));
|
|
||||||
ASSERT (FALSE);
|
//
|
||||||
|
// SYSENTER and SYSEXIT must be supported.
|
||||||
|
//
|
||||||
|
AsmCpuidEx (0x01, 0x0, NULL, NULL, NULL, &Edx);
|
||||||
|
if ((Edx & BIT11) == 0) {
|
||||||
|
DEBUG ((DEBUG_ERROR, "Core: SYSENTER and SYSEXIT are not supported.\n"));
|
||||||
|
CpuDeadLoop ();
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
|
@ -28,14 +28,9 @@ InitializeMsr (
|
|||||||
|
|
||||||
//
|
//
|
||||||
// Forbid supervisor-mode accesses to any user-mode pages.
|
// Forbid supervisor-mode accesses to any user-mode pages.
|
||||||
// SMEP and SMAP must be supported.
|
|
||||||
//
|
//
|
||||||
AsmCpuidEx (0x07, 0x0, NULL, &Ebx, NULL, NULL);
|
AsmCpuidEx (0x07, 0x0, NULL, &Ebx, NULL, NULL);
|
||||||
//
|
if (((Ebx & BIT20) != 0) && ((Ebx & BIT7) != 0)) {
|
||||||
// SYSCALL and SYSRET must be also supported.
|
|
||||||
//
|
|
||||||
AsmCpuidEx (0x80000001, 0x0, NULL, NULL, NULL, &Edx);
|
|
||||||
if (((Ebx & BIT20) != 0) && ((Ebx & BIT7) != 0) && ((Edx & BIT11) != 0)) {
|
|
||||||
Cr4.UintN = AsmReadCr4 ();
|
Cr4.UintN = AsmReadCr4 ();
|
||||||
Cr4.Bits.SMAP = 1;
|
Cr4.Bits.SMAP = 1;
|
||||||
Cr4.Bits.SMEP = 1;
|
Cr4.Bits.SMEP = 1;
|
||||||
@ -44,15 +39,19 @@ InitializeMsr (
|
|||||||
Eflags.UintN = AsmReadEflags ();
|
Eflags.UintN = AsmReadEflags ();
|
||||||
Eflags.Bits.AC = 0;
|
Eflags.Bits.AC = 0;
|
||||||
AsmWriteEflags (Eflags.UintN);
|
AsmWriteEflags (Eflags.UintN);
|
||||||
//
|
}
|
||||||
// Enable SYSCALL and SYSRET.
|
|
||||||
//
|
//
|
||||||
|
// Enable SYSCALL and SYSRET.
|
||||||
|
//
|
||||||
|
AsmCpuidEx (0x80000001, 0x0, NULL, NULL, NULL, &Edx);
|
||||||
|
if ((Edx & BIT11) != 0) {
|
||||||
MsrEfer.Uint64 = AsmReadMsr64 (MSR_IA32_EFER);
|
MsrEfer.Uint64 = AsmReadMsr64 (MSR_IA32_EFER);
|
||||||
MsrEfer.Bits.SCE = 1;
|
MsrEfer.Bits.SCE = 1;
|
||||||
AsmWriteMsr64 (MSR_IA32_EFER, MsrEfer.Uint64);
|
AsmWriteMsr64 (MSR_IA32_EFER, MsrEfer.Uint64);
|
||||||
} else {
|
} else {
|
||||||
DEBUG ((DEBUG_ERROR, "Core: Failed to initialize MSRs for Ring3.\n"));
|
DEBUG ((DEBUG_ERROR, "Core: SYSCALL and SYSRET are not supported.\n"));
|
||||||
ASSERT (FALSE);
|
CpuDeadLoop ();
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
|
Loading…
x
Reference in New Issue
Block a user